Spring Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Discussions
  3. CompTIA
  4. CompTIA CASP
  5. CAS-005 Discussions
  6. CAS-005 Exam Topic 5 Question 42 Discussion

CompTIA SecurityX Certification Exam CAS-005 Question # 42 Topic 5 Discussion

 CompTIA Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

CompTIA SecurityX Certification Exam CAS-005 Question # 42 Topic 5 Discussion

CAS-005 Exam Topic 5 Question 42 Discussion:
Question #: 42
Topic #: 5

During a security assessment using an EDR solution, a security engineer generates the following report about the assets in the system:

Initial report:

Device | Type | EDR status | Infection Status

LN002 | Linux SE | Enabled (unmanaged) | Unknown

OWIN23 | Windows 7 | Enabled | Clean

OWIN29 | Windows 10 | Enabled (bypass) | Clean

MAC005 | Mac OS | Enabled | Clean

After five days:

Device | Type | EDR status | Infection Status

LN002 | Linux SE | Enabled (unmanaged) | Unknown

OWIN23 | Windows 7 | Enabled | Clean

OWIN29 | Windows 10 | Enabled (bypass) | Infected

MAC005 | Mac OS | Disabled | Clean

Which of the following most likely enabled the infection?
A.

OWIN23 uses a legacy version of Windows that is not supported by the EDR.

B.

LN002 was not supported by the EDR solution and propagates the RAT.

C.

OWIN29 ' s EDR has an unknown vulnerability that was exploited by the attacker.

D.

MAC005 spreads the malware through other hosts in the network.

Get Premium CAS-005 Questions
Actual exam question for CompTIA CAS-005 exam by Vega6887 at Mar 30, 2026, 9:39:59 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next